CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2652 – SourceCodester Employee and Visitor Gate Pass Logging System exposure of information through directory listing
https://notcve.org/view.php?id=CVE-2025-2652
23 Mar 2025 — A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/happytraveller-alone/cve/blob/main/dir.md • CWE-548: Exposure of Information Through Directory Listing CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9315 – SourceCodester Employee and Visitor Gate Pass Logging System manage_department.php sql injection
https://notcve.org/view.php?id=CVE-2024-9315
28 Sep 2024 — A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance/manage_department.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://vuldb.com/?id.278819 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7069 – SourceCodester Employee and Visitor Gate Pass Logging System sql injection
https://notcve.org/view.php?id=CVE-2024-7069
24 Jul 2024 — A vulnerability, which was classified as critical, has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. This issue affects some unknown processing of the file /employee_gatepass/classes/Master.php?f=delete_department. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://github.com/pineapple65/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6967 – SourceCodester Employee and Visitor Gate Pass Logging System sql injection
https://notcve.org/view.php?id=CVE-2024-6967
22 Jul 2024 — A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been classified as critical. This affects an unknown part of the file /employee_gatepass/admin/?page=employee/manage_employee. The manipulation of the argument id leads to sql injection. • https://github.com/rtsjx-cve/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6736 – SourceCodester Employee and Visitor Gate Pass Logging System view_employee.php sql injection
https://notcve.org/view.php?id=CVE-2024-6736
15 Jul 2024 — A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file view_employee.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. • https://github.com/ljllll123/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6650 – SourceCodester Employee and Visitor Gate Pass Logging System Master.php save_designation cross site scripting
https://notcve.org/view.php?id=CVE-2024-6650
10 Jul 2024 — A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this issue is the function save_designation of the file /classes/Master.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Xu-Mingming/cve/blob/main/xss1.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6649 – SourceCodester Employee and Visitor Gate Pass Logging System Users.php save_users cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-6649
10 Jul 2024 — A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is the function save_users of the file Users.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Xu-Mingming/cve/blob/main/csrf1.md • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5976 – SourceCodester Employee and Visitor Gate Pass Logging System log_employee sql injection
https://notcve.org/view.php?id=CVE-2024-5976
13 Jun 2024 — A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been classified as critical. Affected is the function log_employee of the file /classes/Master.php?f=log_employee. The manipulation of the argument employee_code leads to sql injection. • https://github.com/Xu-Mingming/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5897 – SourceCodester Employee and Visitor Gate Pass Logging System cross site scripting
https://notcve.org/view.php?id=CVE-2024-5897
12 Jun 2024 — A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=log_visitor. The manipulation of the argument name leads to cross site scripting. The attack can be launched remotely. • https://github.com/Hefei-Coffee/cve/blob/main/xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5896 – SourceCodester Employee and Visitor Gate Pass Logging System save_users sql injection
https://notcve.org/view.php?id=CVE-2024-5896
12 Jun 2024 — A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function save_users of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. • https://github.com/Hefei-Coffee/cve/blob/main/sql12.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •